<local computer information>
  computer name="org5"
  domain name="bugwheat2"
  virtualip address="10.0.11.130"
  visibleip address="208.185.39.2"
  firewall in place="no"
  network config="inline"
  dns from dhcp="no"
  dns primary="10.10.10.2"
  dns secondary="10.10.10.3"
  proxy ip="208.185.40.2"
</local computer information>

<local interface information>
  name="eth0"
  mac layer address="00:90:27:EE:02:3B"
  local IP address="208.185.39.2"
  gateway="208.185.39.1"
  subnet mask="255.255.255.0"
  dhcp="none"
</local interface information>

<local LAN information>
  <address range>
    startip address range="208.185.49.1"
    endip address range="208.185.49.255"
    type="included"
    gateway — Mil
  </address range>
</local LAN information>

<cryptographic key>
  kind="PublicKey"
  type="NOC's_Primary_Key"
  format="RSA"
  encryption="3DES"
  modulus="0x ... 01"
  modulus bits="1024"
  public exp="0x03"
</cryptographic key>

<firewall rule>
  protocol="tcp"
  direction="in"
  src ip mask="$any"
  src port="1024:65535"
  dst ip mask="$1"
  dst port="21"
  action="ACCEPT"
  rule number="1"
</firewall rule>

FIG. 12



[Flowchart. Box text in the order it appears on the sheet:]
CONTACT GATEWAY(S) ON TRUSTED PARTNER LIST
ATTEMPT TO ESTABLISH A TUNNEL TO GATEWAY(S) ON TRUSTED PARTNER LIST
(decision; branches YES / NO)
ESTABLISH A TUNNEL TO OTHER GATEWAY
ORIGINATING GATEWAY WAITS FOR DESTINATION TO ESTABLISH A TUNNEL
EXCHANGE INFORMATION THROUGH TUNNEL
EXCHANGE INFORMATION THROUGH TUNNEL
ORIGINATING GATEWAY OPENS A TUNNEL (decision; branch NO)
EXCHANGE INFORMATION THROUGH TUNNEL
ESTABLISH HAIRPIN
EXCHANGE INFORMATION THROUGH HAIRPIN
[Reference numerals: 1310, 1320, 1370, 1380, 1391, 1392]

FIG. 13



2210 DETERMINING HAIRPIN IS NEEDED
2215 AUTHORIZING HAIRPIN
2220 REQUESTING HAIRPIN
2230 CREATING HAIRPIN
2240 ESTABLISHING CONNECTIONS TO HAIRPIN
2250 EXCHANGING INFORMATION

FIG. 15C



[Flowchart. Box text in the order it appears on the sheet:]
CONNECTING TO NOC
RETRIEVING GATEWAY SHARED SECRET
NEGOTIATING A TUNNEL
INITIALIZING GATEWAY
SIGNING-ON TO NOC
EXCHANGING CONFIGURATION INFORMATION
DISCONNECTING
GENERATING ALARM
[Reference numerals: 1710, 1720, 1750, 1760, 1770, 1780]

FIG. 17



[Network diagram. Labels: PC1.1 ... PCN.n; PC2.1 ... PC2.n; HUB; GATEWAY 1; IAD1; HUB; GATEWAY 2; IAD2; GATEWAY 3; IAD3; Internet; NOC; HUB; COMPUTER.]
[Reference numerals: 610, 1800, 1815, 1821, 1822, 1823, 1824, 1831, 1832, 1833, 1834, 1840, 1860, 1861, 1862]

FIG. 18



1910 RECEIVING MONITOR AND CONTROL INFORMATION FROM ONE OR MORE GATEWAYS
1920 DETECTING AN ADDRESS CHANGE AT A FIRST GATEWAY (decision; branches NO / YES)
1930 THE FIRST GATEWAY RE-ESTABLISHES A TUNNEL WITH THE NETWORK OPERATIONS CENTER
1940 STORING THE NEW ADDRESS
1950 NOTIFYING ALL THE GATEWAYS THAT ARE ON THE FIRST GATEWAY'S PARTNER LIST OF THE NEW ADDRESS TO ENABLE TUNNEL REESTABLISHMENT TO EACH GATEWAY

FIG. 19



2010 ESTABLISHING A TUNNEL BETWEEN THE FIRST GATEWAY AND SECOND GATEWAY
2020 FIRST GATEWAY PROPOSES A FIRST INTERMEDIATE ADDRESS SPACE
2030 SECOND GATEWAY PROPOSES A SECOND INTERMEDIATE ADDRESS SPACE
2040 NEGOTIATE ACCEPTABLE FIRST AND SECOND ADDRESS SPACES
2050 SEND FIRST AND SECOND ADDRESS SPACES TO NOC
2060 TRANSLATE TO/FROM INTERMEDIATE ADDRESS SPACE

FIG. 20



[Flowchart. Box text in the order it appears on the sheet:]
Administrator(1) accesses administration server from behind gateway(1)
Administrator(1) enters login_id and password
Administration server verifies login_id and password and verifies Administrator(1) behind a gateway(1) for which they have permissions
Administrator(1) opens screen for exporting gateways
Administration server supplies Administrator(1) with names of potential gateways to export
Administrator(1) enters name of domain to which names are to be exported
Administrator(1) selects names of gateways to export
Administrator(1) selections sent to administration server
Database server stores information on selected gateways for which administrator has permission
Administrator(2) for gateway(2) logs on to administration server (entering login_id and password)
Administration server verifies login_id and password and that they are behind a gateway for which they have permissions
Administrator(2) informed they can import gateway names for gateway(2)
Exported names added to list of potential partners for gateway(2)
Exported names not imported
[Reference numerals: 2210, 2212, 2214, 2216, 2218, 2220, 2222, 2224, 2228, 2230, 2232, 2234, 2236, 2238]

FIG. 22






[Flowchart. Box text in the order it appears on the sheet:]
Access the Network Operation Center (NOC)
Login as Administrator
Transmit Gateway IP address to NOC
Assign Virtual Address to Gateway
Download Gateway Code & Information from NOC
Execute Gateway Code
Download Network Configuration Information from NOC
Notify Virtual Network Administrator
[Reference numerals: 3410, 3415, 3430, 3435, 3440, 3445, 3450]

FIG. 34



[Flowchart. Box text in the order it appears on the sheet:]
Determine Software Version on Gateway
Schedule Time for Upgrade
Download an Upgrade from Network Operation Center (NOC)
Wait Until Scheduled Time
Install Upgrade
Change Active Partition
Access NOC
Revert to Previous Gateway Configuration
Access NOC
Notify NOC
Notify VPN Administrator
End
[Reference numerals: 3510, 3515, 3520, 3530, 3535, 3540, 3545, 3550, 3555, 3560, 3565, 3570, 3580]

FIG. 35





[Flowchart. Box text in the order it appears on the sheet:]
Network Operations Center (NOC) Sends Keep-Alive Packets to Gateway
Gateway Receives Packets and Retransmits to NOC? (decision; branch N)
Has Gateway Exceeded the Time Period? (decision; branch N)
NOC Computes Round-Trip Packet Delay
Notify Administrator for Virtual Network
NSP Latency = Round Trip Delay / 2
NOC Collects NSP Latency Statistics
[Reference numerals: 3610, 3615, 3620, 3625, 3630, 3635, 364]

FIG. 36



3810 Detect Event at Network Operation Center (NOC)
3815 Notify NOC Administrator
3820 Notify VPN Administrator
3825 Log Problem Report

FIG. 38

FIG. 39



[Flowchart. Box text in the order it appears on the sheet:]
GW1 Sends Packets Through Tunnel
GW1 Computes Round-Trip Packet Delay
Tunnel Latency = Round Trip Delay / 2
GW1 Collects Tunnel Latency Statistics
GW1 Transmits Tunnel Statistics to NOC
GW2 Receives and Retransmits Packets Through Tunnel
NOC Receives and Archives Tunnel Latency Statistics
[Reference numerals: 4010, 4020, 4025, 4030, 4035]

FIG. 40



